Setting up Team Foundation Server 2008 for HTTPS / SSL
There has long been a walkthrough available on MSDN for accomplishing this task. We in support have found however that while this ‘official’ walkthrough is quite helpful, it is lacking in some areas and is missing some key items. Over the course of several support issues with customers who have tried to follow this walkthrough, we have updated it and made additions, creating what we feel is a more complete guide through the process. We are presenting it here for your viewing pleasure.
This document / BLOG post may be updated from time to time as we need to make adjustments to the document. We also hope to have this document up on MSDN in its entirety very soon.
I’d like to take this opportunity to thank Wendell Philips for compiling this into one document. Great job, Wendell!
Enjoy, and please… let us know if you have any suggestions/additions/changes/etc. as you work through the process (via the comments on this BLOG).
Trevor Hancock
Comments
Anonymous
December 10, 2008
I have also setup my TFS instance to use SSL for internet connections however I did not select digest or basic authentication. I am just using windows authentication. My system seems to be functioning correctly however I just want to be sure that I did not break anything. Comments?Anonymous
December 12, 2008
The comment has been removedAnonymous
February 07, 2009
I followed these steps and for some reason my Reports are not working. In Team Explorer all projects are showing a Red X on the Reports item. If I try and access the reports directly via IE I'm getting this error: "The attempt to connect to the report server failed. Check your connection information and that the report server is a compatible version." Any thoughts? Thanks, John AmesAnonymous
February 19, 2009
Back in October 2008 we posted an update to the “ Walkthrough: Setting up Team Foundation Server to RequireAnonymous
June 24, 2009
>Basic/Digest authentication are recommended for users trying to connect from externally. If you are using basic authentication instead of windows integrated authentication (NTLM), shouldn't you adjust the the reporting service configuration in order to allow this type of authentication as described in http://msdn.microsoft.com/en-us/library/cc281309.aspx? Or do I miss something?Anonymous
February 01, 2010
Dear Team, I am looking for a solution where people from local (LAN) will access TFS 2008 using HTTP protocol (TFS port: 8080) and people from remote location will access TFS 2008 using HTTPS protocol (TFS port: 443). Is it possible? I dont want everyone to connect to TFS using HTTPS protocol. Awaiting for your earliest response Kindly help me to locate the documentation. Thanks & Regards, KrishnamurthyAnonymous
February 02, 2010
Yes, you can use the capabilities of the ISAPI filter for TFS to let certain network segments use HTTP and others use HTTPS. See this post http://msdn.microsoft.com/en-gb/library/aa833874.aspx for a great explnation of setting up the filter. Wendell